On Thu, 13 Dec 2001 AnandDinakar@xxxxxxx wrote:

> Hi
>
> How secure is SEAL? It looks excellent for encrypting data with file hooks.
> Especially since the keystream is independent of the plaintext
> Am I right?

The fact that the keystream is plaintext independent is a problem. That means that the ciphertext (i.e. the disk) can be trivially broken if the same key is used for encrypting two or more blocks, or if the data is modified and an attacker can read the data before and after the change. That means that a new key must be used for each block. That can be done by concatenating the key with an IV and redoing the key schedule for each block. You would also need to make a new IV each time the block is modified, e.g. by having a modification counter for each block. The SEAL key schedule is quite heavy. Stream ciphers are more suited for encryption of truly sequential data like network connections. In fact RC4 is used for most SSL sites.

> Must I take permission before using it?

If you have plans to use it in the US, you must ask IBM for permission, since they have patented it. Also, SEAL is several algorithms. You have SEAL 1.0, SEAL 2.0 and SEAL 3.0. I think 1.0 and 2.0 are broken. SEAL 3.0 is quite new, and as far as I know not broken.

> Can anyone give me a link to some cryptanalysis info for SEAL?

Helena Handschuh and Henri Gilbert found an attack on SEAL 1.0 and 2.0. Then IBM made SEAL 3.0 to fix the cipher. There was also a paper at the Fast Software Encryption 2001 workshop, but I don't have the proceedings, so I don't know what that paper says.

--
Gisle Sælensminde ( gisle@xxxxxxxxx )

With sufficient thrust, pigs fly just fine. However, this is not necessarily a good idea. It is hard to be sure where they are going to land, and it could be dangerous sitting under them as they fly overhead. (from RFC 1925)

-
Linux-crypto: cryptography in and on the Linux system
Archive: http://mail.nl.linux.org/linux-crypto/
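As an added illustration of the keystream-reuse problem discussed in the reply above (example code, not from the post and not SEAL itself), this Python snippet uses an HMAC-SHA256 counter-mode keystream as a stand-in for the stream cipher. It shows that rewriting a disk block under an unchanged keystream exposes the XOR of the old and new block contents, while deriving the keystream from the block index and a per-block modification counter, as the reply suggests, closes that leak. The key, block contents and the `keystream` construction are all constructed assumptions for the demo.

```python
import hashlib
import hmac

def keystream(key: bytes, block_index: int, mod_counter: int, length: int) -> bytes:
    """Stand-in keystream (an assumption for this demo, not SEAL): HMAC-SHA256 in
    counter mode keyed by the master key and seeded with the block index and the
    block's modification counter, the per-block IV the post says must be mixed in."""
    out = bytearray()
    chunk = 0
    while len(out) < length:
        seed = (block_index.to_bytes(8, "big") + mod_counter.to_bytes(8, "big")
                + chunk.to_bytes(4, "big"))
        out += hmac.new(key, seed, hashlib.sha256).digest()
        chunk += 1
    return bytes(out[:length])

def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def encrypt_block(key: bytes, block_index: int, mod_counter: int,
                  plaintext: bytes, per_block_iv: bool = True) -> bytes:
    """XOR the block with its keystream. per_block_iv=False reproduces the weak
    setup from the post: every block and every rewrite reuses one keystream."""
    if not per_block_iv:
        block_index, mod_counter = 0, 0
    return xor_bytes(plaintext, keystream(key, block_index, mod_counter, len(plaintext)))

decrypt_block = encrypt_block  # XOR with the same keystream is its own inverse

def keystream_reused(c1: bytes, c2: bytes, p1: bytes, p2: bytes) -> bool:
    """Leak check: with one keystream under both ciphertexts it cancels out and
    c1 XOR c2 == p1 XOR p2, so an observer of both ciphertexts learns the plaintext diff."""
    return xor_bytes(c1, c2) == xor_bytes(p1, p2)

def demo() -> dict:
    key = b"constructed-demo-key-not-secret!"  # constructed sample key
    before = b"balance: 0000100 EUR"           # constructed contents of disk block 7
    after = b"balance: 0009100 EUR"            # the same block after one write
    # Weak: block 7 rewritten under the same keystream both times.
    w_before = encrypt_block(key, 7, 0, before, per_block_iv=False)
    w_after = encrypt_block(key, 7, 1, after, per_block_iv=False)
    # Hardened: the modification counter advances 0 -> 1, so the keystream changes.
    h_before = encrypt_block(key, 7, 0, before)
    h_after = encrypt_block(key, 7, 1, after)
    return {
        "weak_leaks_diff": keystream_reused(w_before, w_after, before, after),
        "hardened_leaks_diff": keystream_reused(h_before, h_after, before, after),
        "hardened_roundtrip": decrypt_block(key, 7, 1, h_after) == after,
    }
```

Running `demo()` returns `weak_leaks_diff` True and `hardened_leaks_diff` False; the same check applies to two different blocks encrypted under one key, which is the other reuse case the reply names.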